Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.
CWE-639
CVE-2021-38624
Windows Key Storage Provider Security Feature Bypass Vulnerability
CVE-2021-3852
growi is vulnerable to Authorization Bypass Through User-Controlled Key
CVE-2021-38362
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to a REST API endpoint that is vulnerable to an Insecure Direct Object Reference (IDOR) issue and retrieve sensitive data.
CVE-2021-3813
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2.
CVE-2021-37777
Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR). Thumbnails uploaded by one site owner are visible to another site owner just by knowing the other site name and fuzzing for picture names. This leads to sensitive information disclosure.